package com.xiaotu.controller;

import com.xiaotu.utils.GetUserUtil;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

@Controller
public class CSRFController {
    //向用户修改页跳转
    @GetMapping("/toUpdate")
    public String toUpdate(Model model){
        String username = GetUserUtil.getUser2();
        model.addAttribute("username", username);
        return "csrf/csrfTest";
    }
    @PostMapping("/updateUser")
    @ResponseBody
    public String updateUser(@RequestParam String username, @RequestParam String password, HttpServletRequest request){
        System.out.println(username);
        System.out.println(password);
        String csrf = request.getParameter("_csrf");
        System.out.println(csrf);
        return "ok";
    }
}
